Groups | Search | Server Info | Login | Register

Groups > linux.debian.announce.security > #4818

[SECURITY] [DSA 6251-1] libreoffice security update

From Moritz Muehlenhoff <jmm@debian.org>
Newsgroups linux.debian.announce.security
Subject [SECURITY] [DSA 6251-1] libreoffice security update
Date 2026-05-07 21:00 +0200
Message-ID <MSc6Z-3loF-1@gated-at.bofh.it> (permalink)
Organization linux.* mail to news gateway

Show all headers | View raw

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6251-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 07, 2026                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libreoffice
CVE ID         : CVE-2026-4430

Dun Anh Nguyen discovered a buffer overflow in LibreOffice, which could
result in an out-of-bounds write if OOXML documents with malformed
encryption parameters are opened.

For the oldstable distribution (bookworm), this problem has been fixed
in version 4:7.4.7-1+deb12u11.

For the stable distribution (trixie), this problem has been fixed in
version 4:25.2.3-2+deb13u4.

We recommend that you upgrade your libreoffice packages.

For the detailed security status of libreoffice please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libreoffice

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmn8258ACgkQEMKTtsN8
Tjacew//aGMDdsyxfGU5izQr8zPm9Bb2emFolfymkAhOrMoa/+apY6jOPmuUtp5B
Ly51+ak9EAzY7ueP7tj2Sr5/4EDyismXWNM4LMLI0211zsoN8LynLV8BZlrZZF6g
5Gh7bcHdY3FrBbNwCjXOKzW30oC9WNoAStaHU8lZQHyOETO7k2729X1f1Dy+CLsC
c8sXlkXqPyVycYy0HK/n0qShC8cs/k0BG+e+tYciMbgoPy0YE+apqbM38bdrGGnJ
OyNiMdleOCkSNRn/7CM6G9wK7mHsEWI2wP/LqbV1C6nZi01hWvRLDKQni3U5cErl
p0ED90PcdW2zp9hqvLgoXEj9UQ8+I07QyUmxI7WlBbaMcl8NQvqEjw/CYBtNNMAe
e1b43uSp3WcoKb5yNLAYK8+XiYBY7UQK6U7LUyEIwlylbvdB3rK/iQNNy3WBQsMV
K+twcLO8z55pNsciL8Ev/Ig0wKIUkvpt1gO2bNhjp9Xq3FsiYS7Cq4JZCQ3vtUng
fG2AAr/oLnOJTvoqwA0InbOpX8KjdhOAHJC78qDL/QCY1syjnh2dKVE0oVfr00Ks
Wx+fVe0px4RvwuXhMOPc+PScZj0s4xPnRV94VwP2eOZu+TJZ1hNYBECCQqgbWP6i
cQj/uN4ZZlnRTt8wF2ExwrGxmQbiNtWa109ihr4Q95dMIoYKkTk=
=YZex
-----END PGP SIGNATURE-----

Back to linux.debian.announce.security | Previous | Next | Find similar

Thread

[SECURITY] [DSA 6251-1] libreoffice security update Moritz Muehlenhoff <jmm@debian.org> - 2026-05-07 21:00 +0200

csiph-web